Patents by Inventor Sameer Merchant
Sameer Merchant has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10419496Abstract: Disclosed are systems, methods, and computer-readable storage media for guaranteeing symmetric bi-directional policy based redirect of traffic flows. A first switch connected to a first endpoint can receive a first data packet transmitted by the first endpoint to a second endpoint connected to a second switch. The first switch can enforce an ingress data policy to the first data packet by applying a hashing algorithm to a Source Internet Protocol (SIP) value and a Destination Internet Protocol (DIP) value of the first data packet, resulting in a hash value of the first data packet. The first switch can then route the first data packet to a first service node based on the hash value of the first data packet.Type: GrantFiled: June 17, 2016Date of Patent: September 17, 2019Assignee: CISCO TECHNOLOGY, INC.Inventors: Murukanandam Panchalingam, Umamaheswararao Karyampudi, Pirabhu Raman, Sameer Merchant
-
Patent number: 10374952Abstract: Various embodiments are disclosed for increasing Layer-3 LPM (longest prefix match) routing database in a network platform. In some embodiments, chipsets in fabric modules (FMs) can be partitioned into multiple banks. Network traffic can be directed towards a corresponding bank in the FMs by using a LPM table on a line card (LC). Entries in the LPM table on the LC can be programmed either statically or dynamically based upon LPM routes that are dynamically learned.Type: GrantFiled: October 24, 2017Date of Patent: August 6, 2019Assignee: CISCO TECHNOLOGY, INC.Inventors: Ayan Banerjee, Sameer Merchant, Ramana Mellacheruvu, Ramesh V. N. Ponnapalli, Srinivasan Ramabadran
-
Patent number: 10374878Abstract: Systems, methods, and non-transitory computer-readable storage media for forwarding tables for virtual networking devices. The system first identifies local virtual machines hosted on a local host connected to the system, the system having virtual tunneling capabilities. The system then generates a forwarding table for the system. Next, the system populates the forwarding table with local entries including bindings for the local virtual machines hosted on the local host and adds a default route in the forwarding table pointing to a default forwarder function, wherein the default route is configured to handle all non-local traffic relative to the system and the local host.Type: GrantFiled: July 26, 2017Date of Patent: August 6, 2019Assignee: CISCO TECHNOLOGY, INC.Inventors: Navindra Yadav, Sameer Merchant
-
Publication number: 20190238520Abstract: Various embodiments are directed to a system and method for establishing a secure communication pathway between a network-connected device and a computing platform. Such configurations encompass encrypting a device-specific installation package passed to the device using a device-generated cryptography key, verifying the identity of the computing platform at the device, encrypting a response message via a platform-generated cryptography key, transmitting the response message to the computing platform, verifying characteristics of the device via the response message, and establishing a secure communication platform upon verification of the device.Type: ApplicationFiled: January 30, 2019Publication date: August 1, 2019Inventors: Antonio J. Espinosa, Shashi Sastry, Vincent Bemmel, Sameer Merchant
-
Publication number: 20190207957Abstract: To determine whether an IoT system connected with a network environment (e.g., the internet) is compromised, a networked Trust as a Service (TaaS) server receives system data indicative of various characteristics of the IoT system, wherein the system data is harvested by a software agent installed on the IoT system. The TaaS server initially establishes a baseline characteristics profile for the IoT system, such that subsequently received system data from the software agent may be compared against the baseline characteristics profile to quickly identify discrepancies between the originally established baseline characteristics profile and current operating characteristics of the system. Such discrepancies may be caused by desirable software updates, in which case the discrepancies may be integrated into the baseline characteristics profile, or the discrepancies may result from the IoT system being undesirably compromised.Type: ApplicationFiled: August 31, 2018Publication date: July 4, 2019Inventors: Antonio J. Espinosa, Shashi Sastry, Vincent Bemmel, Sameer Merchant
-
Publication number: 20190205552Abstract: Providing an objective measure of trust in data provided by an Industrial Internet of Things (IIoT) device and/or a plurality of IIoT devices at a particular location so as to provide an aggregated objective measure of trust in data provided by the particular location.Type: ApplicationFiled: December 28, 2018Publication date: July 4, 2019Inventors: Antonio J. Espinosa, Shashi Sastry, Vincent Bemmel, Sameer Merchant
-
Publication number: 20190207965Abstract: Providing an objective measure of trust in data provided by an Industrial Internet of Things (IIoT) device utilizes an objective trust indicator generated based at least in part on baseline device characteristics and corresponding monitored/observed device characteristics. These device characteristics may comprise device hardware characteristics, device software characteristics, application software characteristics (of software installed on the device), and/or device behavior characteristics. The trust indicator is determined by comparing a match vector indicative of weighted scores for the baseline device characteristics relative to a generated monitored characteristics vector indicative of differences between baseline and monitored device characteristics, and determining a directional difference between the match vector and the monitored characteristics vector.Type: ApplicationFiled: August 31, 2018Publication date: July 4, 2019Inventors: Antonio J. Espinosa, Shashi Sastry, Vincent Bemmel, Sameer Merchant
-
Publication number: 20190166044Abstract: Identity information is decoupled from reachability information in packets transferred between hosts of a computer network by replacing forwarding information within said packets with an identifier having a format of the forwarding information, and applying forwarding labels, derived from the identifiers, which are then used in lieu of the forwarding information for conveying the packets within the network. During such conveyance, the packets are treated according to one or more policies prescribed on a basis of the identifier, which may be an IPv6 address. The forwarding labels may be MPLS labels.Type: ApplicationFiled: November 28, 2017Publication date: May 30, 2019Inventors: Shrijeet Mukherjee, Sameer Merchant, Wilson Kok, Roopa Prabhu
-
Patent number: 10020989Abstract: An administrator can define or modify one or more service graphs. Next, the administrator can register service appliances along with their device package files with a controller. Then, the controller can establish the capabilities of the service devices, and classify the service devices as legacy or service tag switching (STS) capable devices. Then, the controller can create one or more instances of the service graph, by populating the service nodes into the service graph. Then, the application owner can attach their endpoint groups (EPGs) to the service graphs created by the administrator. Then, a service in the network can be automatically provisioned using the service graph to configure one or more nodes in an associated service chain of the service according to information in the service graph.Type: GrantFiled: June 30, 2016Date of Patent: July 10, 2018Assignee: CISCO TECHNOLOGY, INC.Inventors: Navindra Yadav, Sameer Merchant, Pirabhu Raman, Amit Jain
-
Publication number: 20180139132Abstract: Disclosed herein are methods of forwarding packets on a network, such as a leaf-spine network having leaf devices and spine devices. The methods may include receiving a packet at an ingress leaf device, and determining based, at least in part, on a header of the packet whether the packet is to be transmitted to a spine device. The methods may further include ascertaining based, at least in part, on a header of the packet whether to perform encapsulation on the packet, encapsulating the packet according to a result of the ascertaining, and then transmitting the packet to a spine device according to a result of the determining. Also disclosed herein are network apparatuses which include a processor and a memory, at least one of the processor or the memory being configured to perform some or all of the foregoing described methods.Type: ApplicationFiled: December 27, 2017Publication date: May 17, 2018Inventors: Thomas James Edsall, Navindra Yadav, Francisco M. Matus, Kit Chiu Chu, Michael R. Smith, Sameer Merchant, Krishna Doddapaneni, Satyam Sinha
-
Publication number: 20180048568Abstract: Various embodiments are disclosed for increasing Layer-3 LPM (longest prefix match) routing database in a network platform. In some embodiments, chipsets in fabric modules (FMs) can be partitioned into multiple banks. Network traffic can be directed towards a corresponding bank in the FMs by using a LPM table on a line card (LC). Entries in the LPM table on the LC can be programmed either statically or dynamically based upon LPM routes that are dynamically learned.Type: ApplicationFiled: October 24, 2017Publication date: February 15, 2018Inventors: Ayan Banerjee, Sameer Merchant, Ramana Mellacheruvu, Ramesh V.N. Ponnapalli, Srinivasan Ramabadran
-
Patent number: 9876715Abstract: Disclosed herein are methods of forwarding packets on a network, such as a leaf-spine network having leaf devices and spine devices. The methods may include receiving a packet at an ingress leaf device, and determining based, at least in part, on a header of the packet whether the packet is to be transmitted to a spine device. The methods may further include ascertaining based, at least in part, on a header of the packet whether to perform encapsulation on the packet, encapsulating the packet according to a result of the ascertaining, and then transmitting the packet to a spine device according to a result of the determining. Also disclosed herein are network apparatuses which include a processor and a memory, at least one of the processor or the memory being configured to perform some or all of the foregoing described methods.Type: GrantFiled: October 31, 2014Date of Patent: January 23, 2018Assignee: CISCO TECHNOLOGY, INC.Inventors: Thomas James Edsall, Navindra Yadav, Francisco M. Matus, Kit Chiu Chu, Michael R. Smith, Sameer Merchant, Krishna Doddapaneni, Satyam Sinha
-
Publication number: 20170366506Abstract: Disclosed are systems, methods, and computer-readable storage media for guaranteeing symmetric bi-directional policy based redirect of traffic flows. A first switch connected to a first endpoint can receive a first data packet transmitted by the first endpoint to a second endpoint connected to a second switch. The first switch can enforce an ingress data policy to the first data packet by applying a hashing algorithm to a Source Internet Protocol (SIP) value and a Destination Internet Protocol (DIP) value of the first data packet, resulting in a hash value of the first data packet. The first switch can then route the first data packet to a first service node based on the hash value of the first data packet.Type: ApplicationFiled: June 17, 2016Publication date: December 21, 2017Inventors: Murukanandam Panchalingam, Umamaheswararao Karyampudi, Pirabhu Raman, Sameer Merchant
-
Publication number: 20170339054Abstract: Systems, methods, and non-transitory computer-readable storage media for forwarding tables for virtual networking devices. The system first identifies local virtual machines hosted on a local host connected to the system, the system having virtual tunneling capabilities. The system then generates a forwarding table for the system. Next, the system populates the forwarding table with local entries including bindings for the local virtual machines hosted on the local host and adds a default route in the forwarding table pointing to a default forwarder function, wherein the default route is configured to handle all non-local traffic relative to the system and the local host.Type: ApplicationFiled: July 26, 2017Publication date: November 23, 2017Inventors: Navindra Yadav, Sameer Merchant
-
Patent number: 9825857Abstract: Various embodiments are disclosed for increasing Layer-3 LPM (longest prefix match) routing database in a network platform. In some embodiments, chipsets in fabric modules (FMs) can be partitioned into multiple banks. Network traffic can be directed towards a corresponding bank in the FMs by using a LPM table on a line card (LC). Entries in the LPM table on the LC can be programmed either statically or dynamically based upon LPM routes that are dynamically learned.Type: GrantFiled: July 31, 2014Date of Patent: November 21, 2017Assignee: CISCO TECHNOLOGY, INC.Inventors: Ayan Banerjee, Sameer Merchant, Ramana Mellacheruvu, Ramesh V. N. Ponnapalli, Srinivasan Ramabadran
-
Patent number: 9755965Abstract: Systems, methods, and non-transitory computer-readable storage media for forwarding tables for virtual networking devices. The system first identifies local virtual machines hosted on a local host connected to the system, the system having virtual tunneling capabilities. The system then generates a forwarding table for the system. Next, the system populates the forwarding table with local entries including bindings for the local virtual machines hosted on the local host and adds a default route in the forwarding table pointing to a default forwarder function, wherein the default route is configured to handle all non-local traffic relative to the system and the local host.Type: GrantFiled: September 4, 2014Date of Patent: September 5, 2017Assignee: CISCO TECHNOLOGY, INC.Inventors: Navindra Yadav, Sameer Merchant
-
Publication number: 20170214619Abstract: The subject technology addresses a need for improving utilization of network bandwidth in a multicast network environment. More specifically, the disclosed technology provides solutions for extending multipathing to tenant multicast traffic in an overlay network, which enables greater bandwidth utilization for multicast traffic. In some aspects, nodes in the overlay network can be connected by virtual or logical links, each of which corresponds to a path, perhaps through many physical links, in the underlying network.Type: ApplicationFiled: April 7, 2017Publication date: July 27, 2017Inventors: Kit Chiu Chu, Thomas J. Edsall, Navindra Yadav, Francisco M. Matus, Krishna Doddapaneni, Satyam Sinha, Sameer Merchant
-
Patent number: 9680778Abstract: A system and method for delivering content in real-time using advanced messaging technology that reduces the risk of content being lost or dropped in transmission. The system and method utilize a custom, simplified XML format to deliver real-time textual, numeric, and metadata content directly to subscribers. The XML tag set specifies all of the information needed to package, process, and distribute real-time content messages and includes an advanced tagging structure that allows granular content customization. Messages are built on the fly using multi-channel data processing techniques. The XML delivery system and method offers an array of real-time market-specific page-based “Alert” services and aggregated newswires with accompanying real-time numeric data feeds. These feeds contain proprietary assessments and other price data across a broad spectrum of global and regional commodity markets, including oil, petrochemicals, metals, electric power, natural gas, coal, and risk.Type: GrantFiled: June 20, 2016Date of Patent: June 13, 2017Assignee: S&P Global Inc.Inventors: Sameer Merchant, Gerald Bueshel, Jules Michael McLeod, John Marshall
-
Patent number: 9654385Abstract: The subject technology addresses the need in the art for improving utilization of network bandwidth in a multicast network environment. More specifically, the disclosed technology addresses the need in the art for extending multipathing to tenant multicast traffic in an IP overlay network, which enables the network to fully utilize available bandwidth for multicast traffic. In some examples, nodes in the overlay network may be connected by virtual or logical links, each of which corresponds to a path, perhaps through many physical links, in the underlying network.Type: GrantFiled: October 7, 2014Date of Patent: May 16, 2017Assignee: Cisco Technology, IncInventors: Kit Chiu Chu, Thomas J. Edsall, Navindra Yadav, Francisco M. Matus, Krishna Doddapaneni, Satyam Sinha, Sameer Merchant
-
Publication number: 20160315811Abstract: An administrator can define or modify one or more service graphs. Next, the administrator can register service appliances along with their device package files with a controller. Then, the controller can establish the capabilities of the service devices, and classify the service devices as legacy or service tag switching (STS) capable devices. Then, the controller can create one or more instances of the service graph, by populating the service nodes into the service graph. Then, the application owner can attach their endpoint groups (EPGs) to the service graphs created by the administrator. Then, a service in the network can be automatically provisioned using the service graph to configure one or more nodes in an associated service chain of the service according to information in the service graph.Type: ApplicationFiled: June 30, 2016Publication date: October 27, 2016Inventors: Navindra Yadav, Sameer Merchant, Pirabhu Raman, Amit Jain